UPDATE at 10 p.m. with more details of the audit.
Poor policies, processes, planning and oversight led a Dallas IT worker to delete more than 8 million files from the police department, according to a city review released Thursday.
About 4.1 million photos, videos, audio, case notes and other items – or 7.5 terabytes of files – kept in police storage archives have been permanently erased. According to the report released by the city’s IT department, an additional 4.6 million files – or about 13 terabytes – were also deleted but could still be restored if the original copies are found on laptops, cameras and other devices. of the police.
Police and the Dallas District Attorney’s Office have identified 1,000 criminal cases as a priority in the file recovery process, according to the 121-page report, and nearly 17,500 cases may have been affected. So far, IT has sifted through 142 cases and recovered over 140,000 files that were thought to be permanently lost.
Dallas County District Attorney John Creuzot declined to comment on the city’s report on Thursday. He said he did not receive a copy in advance and learned it late from The morning news from Dallas.
A review to determine the relevant criminal cases is underway, he said.
[Read the report]
The city initially said 22.5 terabytes of archived data, involving cases dating back to 2018, had been deleted in separate instances. But the report reduced that tally to 20.7 terabytes.
The report does not detail the impact of the erased files on Dallas Police investigations or prosecutions in any of the city’s five affected counties. It also does not provide a clear explanation as to why the now-terminated employee deleted the documents, other than to say that there was “an obvious misunderstanding or disregard for defined procedures” on his part.
The city was in the process of transferring its data to reduce storage costs from the cloud server. The employee “insufficiently assessed and documented” how risky it was to move the data the way he did, according to the report.
The review found that the employee apparently ignored warnings from the city’s software system that he was deleting files instead of moving them from online storage to a server in the city, according to the report.
Three IT managers approved the data migration, the report said, but “didn’t understand what to do, the potential risk of failure, or carelessly considered” what the employee was going to do.
Dallas does not have rules on how employees should back up archival data. It also never implemented the practices spelled out in the city’s data management strategy document, which is now obsolete. The report concluded that the city had not prioritized best data management practices, including ensuring employees are properly trained.
“The city understands the severity and potential impacts of this data loss, and we are committed to improving the way we manage our data to ensure its security and integrity,” City Manager TC Broadnax said in a statement about of the report. He noted that the audit included recommendations to prevent the deletion of data by mistake and to improve the way the city manages its information.
Broadnax, in an August memo, introduced new policies in the wake of file erasure, including requiring two IT workers to oversee the movement of all data and instituting a 14-day waiting period before that the files are not permanently deleted. Broadnax also said the city’s elected leaders would be notified of any data breach within two hours of becoming aware of it by its leadership team. Such a requirement did not exist before.
The report also offers other recommendations, including the implementation of rules requiring multiple copies and backups of files and ways to recover the data.
The internal review began in August after Dallas County prosecutors learned of the missing police records.
That same month, city officials announced that this was not the first time the employee had deleted files he was supposed to be moving and that the total number of missing police evidence was nearly three times the estimate. initial. Shortly after, the IT employee was fired. He declined to comment The morning news from Dallas.
The loss of evidence and other police records has led police officials to call for an overhaul of the way the agency manages and stores its data, although a 2018 municipal audit noted issues with record keeping. of files.
According to the city, the former employee was supposed to move 35 terabytes of archived police files from online storage to a physical drive in the city starting March 31. The transfer was to take five days.
But the process was canceled halfway after the employee erased 22 terabytes of files. The city said it recovered all but 7.5 terabytes.
The 4.1 million files in that batch came from several divisions of the police department, but the majority involved evidence gathered by the domestic violence unit, according to the report. The audit confirmed that the city’s most violent cases were not affected.
Although the city clerk’s files were also affected, the forensic audit determined that was not the case.
The city plans to hire a law firm to oversee an outside investigation into the incident. The FBI office in Dallas is helping the police department determine if electronic evidence was intentionally deleted. A previous police investigation did not reveal any apparent criminal intent, but could not prove or disprove whether the files were intentionally deleted.
Editor-in-chief Krista Torralva contributed to this report.